VMware Cloud Community
CERKYR
Enthusiast
Enthusiast
‎12-10-2018 03:14 AM

Vcenter (VCSA) : add 1 IP address (then 2 IP adress for the VCSA)

Hello,

Is it possible to have 2 IP address for the same vcenter server (vcsa) ?

The goal is to have 2 different network cards (then 2 IP address), for 2 different usages.
The 1st usage, IP B : manage the VM and the vcenter, on a specific network, NIC0 (ESXi).

The 2nd usage IP C : manage only the vcenter, from a other network (ZZ), with NIC3 (ESXi).

This VCSA manage 2 other ESXi with many VM on them.  (ESX1 and ESX2)

In the ESXi console (direct VGA), I can specify the IP address (A) of the ESXi server.
Inside the VCSA server installation, I was able to specify a IP address (B).
But how to to specify the IP address inside the second network IP address (C), linked with the NIC3, through vswitch3 ?

The final goal is to be sure that non-one can see and ping the VM stored on the ESXi (ESX1 and ESX2), from the network (ZZ), except the VCSA (IP B).

Regards,

0 Kudos
4 Replies
diegodco31
Leadership
Leadership
‎12-10-2018 05:10 AM

Hi

Check if the following VMware KB article helps:

VMware Knowledge Base

Create and Configure a Second NIC on the vCenter Server Appliance

https://www.virtuallyghetto.com/2016/02/caveats-when-multi-homing-the-vcenter-server-appliance-6-x-w...

Diego Oliveira
LinkedIn: http://www.linkedin.com/in/dcodiego
0 Kudos
CERKYR
Enthusiast
Enthusiast
‎12-10-2018 06:19 AM

Hello,

Then, the TIPS is :

https://<ip_vcsa>:5480

Inside this web interface, you must choose for the second NIC a complete different IP address and Subnet and Gateway, beetween the first NIC.

But, on my side, it's mandatory to have the same Subnet and Gateway and of course a different IP address.

Then it seems that ip reverse path filtering" must be disable.

The command do :

cat /proc/sys/net/ipv4/conf/default/rp_filter

2

The value "2" is not in the documentation.

And with the root account, I can't modify with vi the following file :

/proc/sys/net/ipv4/conf/eth1/rp_filter

that contain the value "1"

What does it mean "1" ? "rp_filter"  is enable or disable ?

But the system is blocked, by the functionnality "ip reverse path filtering"; how to disable it ?

THEN, I change my point of view, and go to a very different IP configuration, based on your proposal; something more simple.

After few minutes of configuration, I'm able to open the VCSA (vcenter) interfaces through the second IP address.

https://<2nd_IP>

https://<2nd_IP>:5480

https://<2nd_IP>/vsphere-client

...then , I can the vcenter interface.

But, now, I'm not able to open the VM through the "wmware Remote Control".

"Could Not Connect to pipe \\. \pipe\vmware-authdpipe within retry period"

I have the feeling, that on the secondary network, a DNS server must be available and configured with the DNS Zone, with A and PTR values.

(like it's the case on the first network)

Regards,

0 Kudos
CERKYR
Enthusiast
Enthusiast
‎12-10-2018 08:25 AM

If I use the HTML 5 interface with low functionnalities,

and If I click inside the view remote control of a VM, I'm able to open it.

But, I discover that the keybord into the Remote Control go to Qwerty, but I prefer use the Azerty keyboard.

I plan to use ALT + SHIFT to go to EN keyboard to FR keyboard.

0 Kudos
CERKYR
Enthusiast
Enthusiast
‎12-10-2018 08:30 AM

in any case, the "vmWare Remote Control" tool doesn't work : "Could Not Connect to pipe \\. \pipe\vmware-authdpipe within retry period".

Only the "HTML 5  Remote  Control" work, with QWERTY keyboard Inside the VM only, not AZERT keyboard.

---

I make some checks today :

On the second network, the DNS resolution doesn't work.

0 Kudos